//blob service does not like milliseconds on the end of the time so strip

returnraw.substr(0, raw.lastIndexOf('.')) +'Z';

}

}

var Constants = {

SIGNED_VERSION:'sv',

SIGNED_RESOURCE:'sr',

SIGNED_START:'st',

SIGNED_EXPIRY:'se',

SIGNED_PERMISSIONS:'sp',

SIGNED_IDENTIFIER:'si',

SIGNATURE:'sig',

};

var crypto =require('crypto');

var util =require('util');

//http://msdn.microsoft.com/en-us/library/windowsazure/hh508996.aspx

var resource ='https://%s.blob.core.windows.net/%s/%s%s';

//Version of the storage rest API

var signedVersion ='2012-02-12';

//signedResource. use b for blob, c for container

var signedResource ='b'; //

// The signedpermission portion of the string must include the permission designations in a fixed order that is specific to each resource type. Any combination of these permissions is acceptable, but the order of permission letters must match the order in the following table.

var signedPermissions ='rw'; //blob perms must be in this order rwd

// Example - Use ISO 8061 format

var signedStart ='';

var signedExpiry ='';

// Eample Blob

// URL = https://myaccount.blob.core.windows.net/music/intro.mp3

// canonicalizedresource = "/myaccount/music/intro.mp3"

var canonicalizedResource ='/%s/%s/%s';

//The string-to-sign is a unique string constructed from the fields that must be verified in order to authenticate the request. The signature is an HMAC computed over the string-to-sign and key using the SHA256 algorithm, and then encoded using Base64 encoding.

var signature ='';

//Optional. A unique value up to 64 characters in length that correlates to an access policy specified for the container, queue, or table.